Wind River Support Network

HomeDefectsLIN6-10041

Fixed

LIN6-10041 : ntpd CVE-2014-9295 patch was disabled by accident

Created: Jun 18, 2015 Updated: Dec 3, 2018

Resolved Date: Jun 18, 2015

Found In Version: 6.0.0.19

Fix Version: 6.0.0.22

Severity: Standard

Applicable for: Wind River Linux 6

Component/s: Networking

Description

The patch for CVE-2014-9297 created in LIN6-9209 removes CVE-2014-9295 from the ntp recipe layers/meta-networking/recipes-support/ntp/ntp.inc:
- file://CVE-2014-9295.patch \ 
+ file://CVE-2014-9297.patch \
+ file://CVE-2014-9298.patch \

Workaround

Add file://CVE-2014-9295.patch back to the layers/meta-networking/recipes-support/ntp/ntp.inc recipe.

Steps to Reproduce

Check the CVE-2014-9295.patch is applied to the ntp package code: it is not.

Other Downloads

Wind River Linux 6.0.0.29
Wind River Linux 6.0.0.30
Wind River Linux 6.0.0.31
Wind River Linux 6.0.0.32
Wind River Linux 6.0.0.33
Wind River Linux 6.0.0.34
Wind River Linux 6.0.0.35
Wind River Linux 6.0.0.36
Wind River Linux 6.0.0.37
Wind River Linux 6.0.0.38